The Justice Department charged three former U.S. intelligence operatives on Tuesday with hacking and conspiracy charges in connection with their work helping United Arab Emirates spy on activists and political rivals.
The charges allege that defendants Marc Baier, Ryan Adams and Daniel Gericke “knowingly and willfully” provided the UAE with spy technology without approval from the U.S. government.
The charges back up a 2019 Reuters investigation that found a secret hacking unit of UAE-based cybersecurity firm DarkMatter was hiring former U.S. intelligence officers to help the UAE to spy on the phones of activists, diplomats and other nation’s leaders. Former employees told Reuters that their work with the hacking unit, “Project Raven,” also involved spying on U.S. citizens and companies. The Intercept first reported the existence of DarkMatter in 2016.
According to court documents, after leaving government employment, Baier, Adams and Gericker joined a firm prosecutors referred to as “Company One” to provide cybersecurity services to the UAE. Their work was subject to U.S. arms export laws and required them to not target U.S. citizens or companies. However, the defendants failed to obtain that licensing for expanded intelligence work for the company that took place between January 2016 and November 2019, the documents said.
That included creating two zero-click exploits that used a vulnerability in a U.S. tech company’s system in order to access tens of millions of smartphones. One of the exploits the defendants used was purchased from an unnamed U.S. based company. The three are also accused of stealing documents, personally identifiable information and passwords from computers in the United States and around the world.
All three defendants entered a deferred prosecution agreement in order to resolve the charges. The agreement restricts their future work, requires them to collectively pay roughly $1.7 million in penalties and bans them for life from any future U.S. security clearances.
The charges underscore a push by the U.S. government to limit the ability of former U.S. intelligence operatives to work for foreign governments.
“This is a clear message to anybody, including former U.S. government employees, who had considered using cyberspace to leverage export-controlled information for the benefit of a foreign government or a foreign commercial company – there is risk, and there will be consequences,” Assistant Director Bryan Vorndran of the FBI’s Cyber Division said in a news release.
In 2020, Congress passed a law requiring U.S. intelligence agencies to provide Congress with an annual assessment of risks posed by retired and former intelligence personnel who contract with foreign governments.